You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@flink.apache.org by "Martijn Visser (Jira)" <ji...@apache.org> on 2022/03/02 07:34:00 UTC

[jira] [Closed] (FLINK-22441) In Flink v1.11.3 contains netty(version:3.10.6) netty(version:4.1.60) . There are many vulnerabilities, like CVE-2021-21409 etc. please confirm these version and fix. thx

     [ https://issues.apache.org/jira/browse/FLINK-22441?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Martijn Visser closed FLINK-22441.
----------------------------------
    Resolution: Won't Fix

This has been resolved for Flink 1.14 and newer versions, but can't be backported to older versions. Therefore closing the ticket.

> In Flink v1.11.3 contains netty(version:3.10.6) netty(version:4.1.60) . There are many vulnerabilities, like CVE-2021-21409 etc. please confirm these version and fix. thx
> --------------------------------------------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: FLINK-22441
>                 URL: https://issues.apache.org/jira/browse/FLINK-22441
>             Project: Flink
>          Issue Type: Bug
>          Components: Runtime / Coordination
>    Affects Versions: 1.11.3, 1.12.2, 1.13.0
>            Reporter: 张健
>            Priority: Not a Priority
>              Labels: auto-deprioritized-major, auto-deprioritized-minor
>
> In Flink v1.11.3 contains netty(version:3.10.6) netty(version:4.1.60) . There are many vulnerabilities, like CVE-2021-21409 CVE-2021-21295 etc. please confirm these version and fix. thx



--
This message was sent by Atlassian Jira
(v8.20.1#820001)